Oracle Critical Patch Update for July 2015

Oracle’s Critical Patch Update is out for July 2015:

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

Affected are database versions 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1 and 12.1.0.2.

This is the final patch for both the 11.1.0.7 and 11.2.0.3 releases. The final patch for 12.1.0.1 will be released in January 2016.

The most prominent bug on the risk matrix is CVE-2015-2629 whereby a remote authenticated user can exploit a flaw in the Java VM component to gain elevated privileges.

For the 11.2.0.4 patches, you can apply one of the following:

11.2.0.4 SPU for UNIX: patch 20803583
11.2.0.4.7 PSU for UNIX: patch 20760982
11.2.0.4.17 Quarterly Database Patch for Exadata (July 2015): patch 21142006
July 2015 Quarterly Full-Stack Patch for Exadata: patch 21186703

Don’t forget your Grid Infrastructure patching:

11.2.0.4 PSU for UNIX: patch 20996923

And, of course, ever since those Java bugs were discovered, we should also patch the JVM:

11.2.0.4.4 Database PSU for UNIX: patch 21068539

Happy patching!

Advertisements
Tagged , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: